GDPR Compliance Policy

Policy Owner: Samandip Dhesi, CEO

Effective Date: 1st May 2024

Application

This policy applies to all employees, contractors, and vendors while doing business with Atlas Labs Limited and others who have access to European Union (EU) and the European Economic Area (EEA) data subject information (“personal data”) in connection with Atlas Labs Limited's operating activities.

Policy

Atlas Labs Limited is committed to protecting the security, confidentiality, and privacy of its information resources including EU and EEA personal data in accordance with the requirements set forth in the General Data Protection Regulation (EU)2016/679 (“GDPR”, “Regulation”). Personal data shall only be processed when there is a legal basis to do so, data shall be managed to ensure that security, confidentiality, and privacy are maintained, and data will be used only for authorized purposes. All employees and contractors of Atlas Labs Limited share the responsibility for safeguarding personal data to which they have access.

When performing commercial activities in support of Atlas Labs Limited products and services that impacts EU/EEA personal data, Atlas Labs Limited may engage in certain activities which may require it to receive, store, process, transmit, create, or access and use data which may trigger compliance requirements with the provisions applicable to GDPR. This policy and the GDPR Policies adopted hereunder are intended to support the mission of Atlas Labs Limited and to facilitate data processing activities that are important to Atlas Labs Limited by:

• Ensuring compliance with requirements imposed by GDPR and Atlas Labs Limited's regulatory obligations
• Providing for the establishment of GDPR Policies that set forth, among other things, the required technical, physical, and administrative safeguards to maintain the security, confidentiality, and privacy of personal data
• Setting forth the roles and responsibilities necessary for Atlas Labs Limited to meet its obligations with respect to activities related to the processing of personal data in accordance with GDPR

Roles and Responsibilities

Policy Adoption

Atlas Labs Limited shall, in cooperation with relevant stakeholders, develop and adopt necessary and appropriate GDPR Policies, which will include, among other things, the technical, physical, and administrative safeguards required to ensure the confidentiality, integrity, and privacy of personal data, and protect personal data against reasonably anticipated threats or hazards and unauthorized uses or disclosures. All relevant Atlas Labs Limited stakeholders shall cooperate with Atlas Labs Limited in the development and implementation of the GDPR Policies.

The Atlas Labs Limited Information Security and Data Privacy Policies are a component of the GDPR Policies and implement controls which support GDPR compliance.

Responsible Person

Samandip Dhesi, CEO, [email protected], +447399404487 has been assigned responsibility for overall oversight of Atlas Labs Limited's GDPR compliance program.

Data Protection Officer

The Data Protection Officer (DPO) shall have the responsibilities set forth in this Policy and GDPR Article 39. The DPO is tasked with daily and ongoing oversight and management of Atlas Labs Limited's GDPR Compliance Program, which includes the following responsibilities:

• Monitoring Atlas Labs Limited's internal compliance with GDPR